label.tagPage - incident response
Sat Feb 01 2025
938 label.wordCount · 6 label.readTime
Conti
An Exchange server was compromised with ransomware. Use Splunk to investigate how the attackers compromised the server.
Sat Feb 01 2025
976 label.wordCount · 7 label.readTime
REvil Corp
You are involved in an incident response engagement and need to analyze an infected host using Redline
